HQ/EMEAFind out how we can help your business
The BlackCat, also notoriously known as the ALPHV ransomware group, recently added a new victim to its leak site, which turns out to be one of India’s premier financial advice and capital providers – Ambit India. As observed by our iZOOlogic researchers, the threat group claimed to have over 500GB of data from the company.
Ambit India provides financial advice and capital to businesses in investment banking, institutional equities and research, asset management, wealth management, and SME lending.
ALPHV ransomware threatened Ambit India with obtaining a massive database of their clients.
The threat group posted their alleged hack against the financial institution on May 2, 2023, at 6:59 AM. According to the post, over 500GB of data was stolen from the company, which consisted of Ambit’s clients, such as AU Bank India.
Aside from clients’ data, ALPHV also claimed to have stolen other corporate data from Ambit, including loan application forms, bank details, identification cards, statements of accounts, and email screenshots. The threat group shared some samples of these stolen data on the post as proof.
With the wide number of clients that Ambit India is partnered with, ALPHV took this to their advantage to pressure the company into leaking the stolen data if they did not get in touch. It is a usual approach for ransomware actors to gain the upper hand in the matter, and it is up to the victims which action to execute to address it.
ALPHV did not mention how much ransom they requested from the company and did not provide a deadline. Moreover, these hacking threats are yet to be confirmed, as no comment has been heard from Ambit as of writing.
Our team’s investigations also show that the company’s official website, ambit[.]co, works normally, and is accessible.
iZOOlogic’s security researchers will continually be on the lookout for developments in this issue. Meanwhile, customers and employees affected by this alleged hacking incident must keep their guard up against malicious entities’ potential cyberattacks.
